Lucene search

[email protected]CVE-2021-30003

HistoryApr 02, 2021 - 5:15 a.m.

CVE-2021-30003

2021-04-0205:15:13

CWE-79

[email protected]

web.nvd.nist.gov

nokia

g-120w-f

3fe46606agab91

stored xss

urlfilter.cgi

administrative interface

nvd

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.0%

JSON

An issue was discovered on Nokia G-120W-F 3FE46606AGAB91 devices. There is Stored XSS in the administrative interface via urlfilter.cgi?add url_address.

Affected configurations

NVD

Node

nokiag-120w-fMatch-

AND

nokiag-120w-f_firmwareMatch3fe46606agab91

CPENameOperatorVersion
nokia:g-120w-f_firmwarenokia g-120w-f firmwareeq3fe46606agab91

CPE	Name	Operator	Version
nokia:g-120w-f_firmware	nokia g-120w-f firmware	eq	3fe46606agab91

References

research.0xdutra.com/posts/router-g120w-f/

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.0%

JSON

Related for CVE-2021-30003

prion1 nvd1 cvelist1